Insider Attacks and Privacy of RFID Protocols

  • Ton van Deursen
  • Saša Radomirović
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7163)


We discuss insider attacks on RFID protocols with a focus on RFID tag privacy and demonstrate such attacks on published RFID protocols. In particular, we show attacks on a challenge-response protocol with IND-CCA1 encryption and on the randomized hashed GPS protocol.

We then show that IND-CCA2 encryption can be used to prevent insider attacks and present a protocol secure against insider attacks. The protocol is based solely on elliptic-curve operations.


Keywords: Hash Function, Elliptic Curve, Encryption Scheme, Inside Attack, Protocol Execution
These keywords were added by machine and not by the authors.





Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Ton van Deursen (1)
  • Saša Radomirović (1)
  1. University of Luxembourg, Luxembourg
